OpenSSL

OpenSSL

262 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2023-4807

  • EPSS 0.67%
  • Published 08.09.2023 12:15:08
  • Last modified 23.04.2025 17:16:47

Issue summary: The POLY1305 MAC (message authentication code) implementation contains a bug that might corrupt the internal state of applications on the Windows 64 platform when running on newer X86_64 processors supporting the AVX512-IFMA instructio...

5.3

CVE-2023-3817

  • EPSS 0.32%
  • Published 31.07.2023 16:15:10
  • Last modified 05.05.2025 16:15:47

Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. W...

5.3

CVE-2023-3446

  • EPSS 0.95%
  • Published 19.07.2023 12:15:10
  • Last modified 23.04.2025 17:16:36

Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. W...

5.3

CVE-2023-2975

  • EPSS 0.19%
  • Published 14.07.2023 12:15:09
  • Last modified 23.04.2025 17:16:32

Issue summary: The AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries which are unauthenticated as a consequence. Impact summary: Applications that use the AES-SIV algorithm and want to authenticate e...

6.5

CVE-2023-2650

  • EPSS 91.97%
  • Published 30.05.2023 14:15:09
  • Last modified 19.03.2025 16:15:21

Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJ_obj2txt() directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF o...

5.9

CVE-2023-1255

  • EPSS 0.05%
  • Published 20.04.2023 17:15:06
  • Last modified 04.02.2025 22:15:39

Issue summary: The AES-XTS cipher decryption implementation for 64 bit ARM platform contains a bug that could cause it to read past the input buffer, leading to a crash. Impact summary: Applications that use the AES-XTS algorithm on the 64 bit ARM p...

5.3

CVE-2023-0465

  • EPSS 0.42%
  • Published 28.03.2023 15:15:06
  • Last modified 18.02.2025 21:15:13

Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certi...

5.3

CVE-2023-0466

  • EPSS 0.67%
  • Published 28.03.2023 15:15:06
  • Last modified 19.02.2025 18:15:22

The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificates with inva...

7.5

CVE-2023-0464

  • EPSS 0.83%
  • Published 22.03.2023 17:15:13
  • Last modified 05.05.2025 16:15:26

A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious c...

4.9

CVE-2022-4203

  • EPSS 0.44%
  • Published 24.02.2023 15:15:11
  • Last modified 20.03.2025 21:15:14

A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate...